Analysis Overview
Threat Level: Likely malicious
The file https://install1check.com/JXNjsy291OskMZJxnYYsax?a=0&u=152869&t=Luna%20Exploit&tracker=9158882463151130554&m=82&f=82&source=1046538 was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Enumerates connected drives
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-10-21 13:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-10-21 13:44
Reported: 2024-10-21 13:46
Platform: win10v2004-20241007-en
Max time kernel: 149s
Max time network: 151s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
Reads user/profile data of web browsers
Enumerates connected drives
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe | N/A |
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 68321.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://install1check.com/JXNjsy291OskMZJxnYYsax?a=0&u=152869&t=Luna%20Exploit&tracker=9158882463151130554&m=82&f=82&source=1046538
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe --server-tracking-blob=NGM4MjI5MDRjNjhjNGMxYWQ1MTNmMTIzNGNkMDFkNzExNDdkZTNmOTlmZmIyZTMyNTFiNzE0ODk5NTE4M2YyNTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9IVlJfT09NJmVkaXRpb249c3RkLTImdXRtX2lkPTNiMWVkNDk3MjgzNDQzMDE5Y2IxZGEyMzFmNWQ0MWI0Jmh0dHBfcmVmZXJyZXI9aHR0cHMlM0ElMkYlMkZ3d3cub3BlcmEuY29tJTJGZ3glM0Z1dG1fc291cmNlJTNEUFdOZ2FtZXMlMjZ1dG1fbWVkaXVtJTNEcGElMjZ1dG1fY2FtcGFpZ24lM0RQV05fR0JfSFZSX09PTSUyNnV0bV9pZCUzRDNiMWVkNDk3MjgzNDQzMDE5Y2IxZGEyMzFmNWQ0MWI0JTI2ZWRpdGlvbiUzRHN0ZC0yJnV0bV9zaXRlPW9wZXJhX2NvbSZ1dG1fbGFzdHBhZ2U9b3BlcmEuY29tJTJGJnV0bV9pZD0zYjFlZDQ5NzI4MzQ0MzAxOWNiMWRhMjMxZjVkNDFiNCZkbF90b2tlbj01MjAzODA4NCIsInRpbWVzdGFtcCI6IjE3Mjk1MTgyNzQuNzg0NCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiUFdOX0dCX0hWUl9PT00iLCJpZCI6IjNiMWVkNDk3MjgzNDQzMDE5Y2IxZGEyMzFmNWQ0MWI0IiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwibWVkaXVtIjoicGEiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6IjEzYTNlYzFjLWIxNTktNDkzYS05NjNhLWQ4MjM4NzFlMzQzNSJ9
C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.106 --initial-client-data=0x330,0x334,0x338,0x304,0x33c,0x74488c0c,0x74488c18,0x74488c24
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x674f48,0x674f58,0x674f64
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c2d9eeb3fdd75834f0ac3f9767de8d6f |
| SHA1 | 4d16a7e82190f8490a00008bd53d85fb92e379b0 |
| SHA256 | 1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66 |
| SHA512 | d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd |
\??\pipe\LOCAL\crashpad_5016_HUZMEPYIJCMIJUZK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e55832d7cd7e868a2c087c4c73678018 |
| SHA1 | ed7a2f6d6437e907218ffba9128802eaf414a0eb |
| SHA256 | a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574 |
| SHA512 | 897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f0d88e9ada6b2ee3ba747edcbd4cbb09 |
| SHA1 | c568b317ba1b2ff4b5b867d737ebe262f5d8d575 |
| SHA256 | 216fa4adba718ef8e0d914386a6f30f7aef3e5aec456a19d6e037357384a7d7d |
| SHA512 | 93653387cddfcb373a8af8d67cb625373fa05e481237218673c79f10a83cfccaff93abb4a677027d4fefda6f0d7b261431e88849353779252211153f517f281a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581901.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
C:\Users\Admin\Downloads\OperaGXSetup.exe
C:\Users\Admin\AppData\Local\Temp\7zS8D0F6758\setup.exe
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2410211344521755748.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5880e3.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_9A347AC5A42F886F9F966873087C7F2E
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_9A347AC5A42F886F9F966873087C7F2E
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\additional_file0.tmp
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202410211344521\assistant\assistant_installer.exe
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State